Commit 439bd75c authored by Elijah Grubb's avatar Elijah Grubb

Merge remote-tracking branch 'origin/master' into environment-parameters

parents bd42cfa1 228abc54
#
# Copyright (c) 2002-2015 University of Utah and the Flux Group.
# Copyright (c) 2002-2017 University of Utah and the Flux Group.
#
# {{{EMULAB-LICENSE
#
......@@ -47,9 +47,11 @@ CONFIG_GENI = httpd-geni.conf
CONFIG_FILES += $(CONFIG_GENI)
endif
#
# Move to Apache 22 ...
#
ifeq ($(APACHE_VERSION),24)
# For VPATH.
MOSTLY_SRCDIRS = ${SRCDIR}/v24
SCRIPT_HACK = 0
else
ifeq ($(APACHE_VERSION),22)
# For VPATH.
MOSTLY_SRCDIRS = ${SRCDIR}/v2
......@@ -57,6 +59,7 @@ SCRIPT_HACK = 0
else
MOSTLY_SRCDIRS = ${SRCDIR}/v1
endif
endif
INSTALL_PHP_CONFIG = /usr/local/etc
#
......@@ -140,7 +143,13 @@ ifeq ($(SCRIPT_HACK),1)
$(INSTALL) -m 755 $(SRCDIR)/apache-emulab /usr/local/etc/rc.d/apache.sh
endif
ifeq ($(APACHE_VERSION),22)
ifeq ($(APACHE_VERSION),1.3)
install: install-dirs install-scripts httpd.conf.fixed
$(INSTALL_DATA) httpd.conf.fixed $(INSTALL_APACHE_CONFIG)/httpd.conf
control-install: install-dirs install-scripts httpd.conf-ops.fixed
$(INSTALL_DATA) httpd.conf-ops.fixed $(INSTALL_APACHE_CONFIG)/httpd.conf
else
install: install-dirs install-scripts httpd.conf pgeni-install
$(INSTALL_DATA) httpd.conf $(INSTALL_APACHE_CONFIG)/httpd.conf
......@@ -153,12 +162,6 @@ ifeq ($(PGENISUPPORT),1)
endif
utah: httpd.conf.utah httpd.conf-ops.utah
else
install: install-dirs install-scripts httpd.conf.fixed
$(INSTALL_DATA) httpd.conf.fixed $(INSTALL_APACHE_CONFIG)/httpd.conf
control-install: install-dirs install-scripts httpd.conf-ops.fixed
$(INSTALL_DATA) httpd.conf-ops.fixed $(INSTALL_APACHE_CONFIG)/httpd.conf
endif
install-php-ini: php.ini
......
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
......@@ -346,9 +346,20 @@ $version = $profile->version();
#
if (exists($xmlparse->{'attribute'}->{"rspec"})) {
$rspecstr = $xmlparse->{'attribute'}->{"rspec"}->{'value'};
# Trim()
$rspecstr =~ s/^\s+|\s+$//g;
if ($rspecstr eq "") {
UserError("Not a valid rspec");
}
}
else {
$rspecstr = $profile->CheckFirewall(!$localuser);
$rspecstr = $profile->rspec();
# Trim()
$rspecstr =~ s/^\s+|\s+$//g;
if ($rspecstr eq "") {
UserError("Profile does not have a valid rspec");
}
$rspecstr = $profile->CheckFirewall(!$localuser);
}
#
# Optional rspec and/or script, as for a repo-based profile.
......
......@@ -4191,7 +4191,7 @@ sub fatal($)
if (defined($webtask)) {
$webtask->output($mesg);
$webtask->code(-1);
$webtask->Exited(-1);
}
print STDERR "*** $0:\n".
" $mesg\n";
......@@ -4205,7 +4205,7 @@ sub UserError($)
if (defined($webtask)) {
$webtask->output($mesg);
$webtask->code(1);
$webtask->Exited(1);
}
print STDERR "*** $0:\n".
" $mesg\n";
......
......@@ -4616,6 +4616,7 @@ outfiles="Makeconf GNUmakefile setversion \
tmcc/ubuntu15/GNUmakefile \
tmcc/ubuntu16/GNUmakefile \
tmcc/ubuntu16-ms/GNUmakefile \
tmcc/ubuntu18/GNUmakefile \
tmcc/linux-ms/GNUmakefile \
tmcc/archlinux/GNUmakefile \
tmcc/alpine/GNUmakefile \
......
......@@ -304,6 +304,7 @@ outfiles="Makeconf GNUmakefile setversion \
tmcc/ubuntu15/GNUmakefile \
tmcc/ubuntu16/GNUmakefile \
tmcc/ubuntu16-ms/GNUmakefile \
tmcc/ubuntu18/GNUmakefile \
tmcc/linux-ms/GNUmakefile \
tmcc/archlinux/GNUmakefile \
tmcc/alpine/GNUmakefile \
......
......@@ -29,7 +29,7 @@ SYSTEM := $(shell $(SRCDIR)/../../../tmcc/osstuff.sh -o)
IPERFVERSION = 2.0.2
ifeq ($(SYSTEM),Linux)
OSTAG=$(shell $(SRCDIR)/../../../tmcc/osstuff.sh -t)
ifneq (,$(filter $(OSTAG),alpine debian9 debianS))
ifneq (,$(filter $(OSTAG),alpine debian9 debianS ubuntu18))
IPERFVERSION = 2.0.10
# If 2.0.10, we have to disable 64-bit seq numbers; they mess up the
# client_hdr size in a backwards-incompat way.
......
......@@ -380,6 +380,13 @@ sub doboot()
$emulabconfig{"CONFIG_NFSRACY"} = 0;
}
#
# Use the 10.x based MFSes for newer installs
#
if ($FBSD_VERSION >= 10.3) {
$emulabconfig{"MFSVERSION"} = "10-64";
}
# Determine if a XEN VM.
if (system("sysctl -n kern.vm_guest >/dev/null 2>&1") == 0) {
my $vm_guest = `sysctl -n kern.vm_guest`;
......
......@@ -120,7 +120,7 @@ my $BS_UUID_TYPE_IQN = "iqn";
#
# Global variables
#
my $debug = 1;
my $debug = 0;
my $auth;
my $server;
......
COPY artifacts/runit/runit*.apk /tmp/
COPY artifacts/runit/*.apk /tmp/
......@@ -52,6 +52,20 @@ cp -p *.apk $DESTDIR/
# cp -p *.deb $DESTDIR/
# rm -rf runit *.deb *.dsc
#
# Also rebuild shadow to support user/group names with capitalized letters.
#
cd /tmp/
wget https://www.emulab.net/downloads/alpine-shadow-src.tar.gz
tar -xzvf alpine-shadow-src.tar.gz
chown -R packager shadow
cd shadow
sudo -u packager abuild checksum
sudo -u packager -H abuild -r
cp -p /home/packager/packages/tmp/x86_64/shadow-4*.apk \
/home/packager/packages/tmp/x86_64/shadow-uidmap-4*.apk \
$DESTDIR
$DIRNAME/alpine/cleanup.sh
exit 0
......@@ -18,6 +18,7 @@ echo "runit should be run here..."
apk update
apk add --allow-untrusted /tmp/runit*.apk
apk add --allow-untrusted /tmp/shadow*.apk
## dpkg -i /tmp/runit_*.deb
## apt-get install -y --no-install-suggests --no-install-recommends -f
......
ACTION!="remove", SUBSYSTEM=="net", KERNEL!="lo", ENV{SYSTEMD_WANTS}+="emulab-networkd@$name.service", RUN+="/usr/local/etc/emulab/emulab-networkd-udev-helper.sh $name"
ACTION="remove", SUBSYSTEM=="net", KERNEL!="lo", RUN+="systemctl stop --no-block emulab-networkd@$name.service"
#
# Copyright (c) 2000-2018 University of Utah and the Flux Group.
#
# {{{EMULAB-LICENSE
#
# This file is part of the Emulab network testbed software.
#
# This file is free software: you can redistribute it and/or modify it
# under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or (at
# your option) any later version.
#
# This file is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
# License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this file. If not, see <http://www.gnu.org/licenses/>.
#
# }}}
#
#
# XXX ONLY RUN THIS INSTALL ON AN UBUNTU LINUX TESTBED NODE!
#
# Trivial. These things just need to be installed into the right place
# on a testbed node before cutting an image.
#
#
SRCDIR = @srcdir@
TESTBED_SRCDIR = @top_srcdir@
OBJDIR = @top_builddir@
SUBDIR = $(subst $(TESTBED_SRCDIR)/,,$(SRCDIR))
include $(OBJDIR)/Makeconf
SCRIPTS =
#
# Force dependencies on the scripts so that they will be rerun through
# configure if the .in file is changed.
#
all: supfile ifcfgs
include $(TESTBED_SRCDIR)/GNUmakerules
SYSETCDIR = $(DESTDIR)/etc
ETCDIR = $(DESTDIR)$(CLIENT_ETCDIR)
BINDIR = $(DESTDIR)$(CLIENT_BINDIR)
VARDIR = $(DESTDIR)$(CLIENT_VARDIR)
RCDIR = $(SYSETCDIR)
RRCDIR = /etc
INSTALL = /usr/bin/install -c
COMMON = $(SRCDIR)/../common
DEFRUNLVLDIR ?= $(SYSETCDIR)/rc3.d
# group to use for directories (dir-install)
DIRGROUP ?= root
install client-install: common-install etc-install \
script-install bin-install sysetc-fixup sysetc-install \
systemd-install
@echo "Remember to install the PEM files if necessary"
simple-install: common-install script-install bin-install
dir-install:
$(INSTALL) -m 755 -o root -g root -d $(SYSETCDIR)/network
$(INSTALL) -m 755 -o root -g root -d $(SYSETCDIR)/rsyslog.d
$(INSTALL) -m 755 -o root -g root -d $(SYSETCDIR)/sudoers.d
$(INSTALL) -m 755 -o root -g root -d $(SYSETCDIR)/systemd
$(INSTALL) -m 755 -o root -g root -d $(SYSETCDIR)/systemd/system
#$(INSTALL) -m 755 -o root -g root -d $(SYSETCDIR)/systemd/system/network-online.target.wants
#$(INSTALL) -m 755 -o root -g root -d $(SYSETCDIR)/systemd/system/networking.service.wants
$(INSTALL) -m 755 -o root -g root -d $(SYSETCDIR)/systemd/system/multi-user.target.wants
$(INSTALL) -m 755 -o root -g root -d $(SYSETCDIR)/udev
$(INSTALL) -m 755 -o root -g root -d $(SYSETCDIR)/udev/rules.d
$(INSTALL) -m 755 -o root -g root -d $(DESTDIR)/lib/systemd/system
common-install: dir-install
(cd ../common; $(MAKE) DESTDIR=$(DESTDIR) local-install)
bin-install: dir-install
(cd ../linux; $(MAKE) DESTDIR=$(DESTDIR) RCDIR=$(RCDIR) USES_SYSTEMD=1 bin-install)
$(INSTALL) -m 755 $(SRCDIR)/emulab-networkd.sh \
$(BINDIR)/emulab-networkd.sh
$(INSTALL) -m 755 $(SRCDIR)/emulab-networkd-udev-helper.sh \
$(BINDIR)/emulab-networkd-udev-helper.sh
etc-install: dir-install common-sysetc-install
if [ "$(NOPASSWD)" != "1" ]; then \
$(INSTALL) -m 644 $(SRCDIR)/group $(ETCDIR)/group ; \
$(INSTALL) -m 644 $(SRCDIR)/passwd $(ETCDIR)/passwd ; \
$(INSTALL) -m 600 $(SRCDIR)/shadow $(ETCDIR)/shadow ; \
$(INSTALL) -m 600 $(SRCDIR)/gshadow $(ETCDIR)/gshadow ; \
fi
if [ "$(NOHOSTS)" != "1" ]; then \
$(INSTALL) -m 644 $(SRCDIR)/hosts $(ETCDIR)/hosts ; \
fi
common-sysetc-install: dir-install
# Tell ../linux/GNUMakefile.in that we want systemd files, not SYSV
(cd ../linux; $(MAKE) DESTDIR=$(DESTDIR) RCDIR=$(RCDIR) RRCDIR=$(RRCDIR) USES_SYSTEMD=1 sysetc-install)
sysetc-fixup:
rm -rf $(SYSETCDIR)/modules.conf $(SYSETCDIR)/cron.pend \
$(SYSETCDIR)/sysconfig $(SYSETCDIR)/init.d/ntpd
rm -f $(SYSETCDIR)/ntp.drift
rm -f $(SYSETCDIR)/dhclient-enter-hooks $(SYSETCDIR)/dhclient-exit-hooks
rm -f $(SYSETCDIR)/rc.local
sysetc-install: dir-install
$(INSTALL) -m 644 $(SRCDIR)/rsyslog-emulab.conf $(SYSETCDIR)/rsyslog.d/40-emulab.conf
rm -f $(SYSETCDIR)/rsyslog.d/60-emulab.conf
$(INSTALL) -m 644 $(SRCDIR)/sudoers $(SYSETCDIR)/sudoers.d/99-emulab
@if [ -z "$(NONTP)" ]; then \
$(INSTALL) -m 644 $(SRCDIR)/ntp.conf $(SYSETCDIR)/ntp.conf; \
$(INSTALL) -m 644 -o ntp -g ntp /dev/null /var/lib/ntp/ntp.drift ; \
fi
$(INSTALL) -m 644 $(SRCDIR)/99-emulab-networkd.rules \
$(SYSETCDIR)/udev/rules.d/99-emulab-networkd.rules
systemd-install: dir-install
#$(INSTALL) -m 644 $(SRCDIR)/ifup-wait-emulab-cnet.service \
# $(SYSETCDIR)/systemd/system/ifup-wait-emulab-cnet.service
#$(INSTALL) -m 644 $(SRCDIR)/ifup-wait-emulab-cnet.service \
# $(ETCDIR)/ifup-wait-emulab-cnet.service
#rm -f $(SYSETCDIR)/systemd/system/network-online.target.wants/ifup-wait-all-auto.service
#ln -sf ../ifup-wait-emulab-cnet.service \
# $(SYSETCDIR)/systemd/system/network-online.target.wants/ifup-wait-emulab-cnet.service
#$(INSTALL) -m 644 $(SRCDIR)/networking-emulab.service \
# $(SYSETCDIR)/systemd/system/networking-emulab.service
#ln -sf ../networking-emulab.service \
# $(SYSETCDIR)/systemd/system/networking.service.wants/networking-emulab.service
#ln -sf ../networking-emulab.service \
# $(SYSETCDIR)/systemd/system/network-online.target.wants/networking-emulab.service
#@if [ -z "$(NONTP)" ]; then \
# $(INSTALL) -m 644 $(SRCDIR)/ntp.service $(SYSETCDIR)/systemd/system ; \
# ln -sf ../ntp.service \
# $(SYSETCDIR)/systemd/system/multi-user.target.wants/ntp.service ; \
#fi
# Kick the init process to read our newly-installed unit files
# (i.e., so an immediate tbprepare will work...)
$(INSTALL) -m 644 $(SRCDIR)/emulab-networkd@.service \
$(DESTDIR)/lib/systemd/system/emulab-networkd@.service
@if [ -z "$(DESTDIR)" ]; then \
systemctl daemon-reload; \
fi
script-install: dir-install $(SCRIPTS)
(cd ../linux; $(MAKE) DESTDIR=$(DESTDIR) RCDIR=$(RCDIR) USES_SYSTEMD=1 script-install)
genirack-install:
sfs-install:
#!/bin/sh
#
# This simply drops a .network file for interface $1 into
# /run/systemd/network so that networkd can pick it up, unless it gets
# overridden.
#
iface=$1
if [ -z "$iface" ]; then
echo "ERROR: must provide an interface as the sole argument"
exit 1
fi
#
# NB, if the user has overridden this by some file in
# /etc/systemd/network, that takes precedence, and this won't be run.
# We have specific code in emulab-networkd.sh that is run from
# emulab-networkd-online@.service that checks to see if this file was
# used or not; we only handle the iface there if this file got used.
#
mkdir -p /run/systemd/network
cat <<EOF > /run/systemd/network/${iface}.network
[Match]
Name=$iface
[Network]
Description=Emulab control net search on $iface
DHCP=yes
[DHCP]
CriticalConnection=yes
PreferredLifetime=forever
UseNTP=yes
UseHostname=yes
UseDomains=yes
EOF
exit 0
#!/bin/sh
iface=$1
if [ -z "$iface" ]; then
echo "ERROR: must provide an interface as the sole argument"
exit 1
fi
if [ -e /etc/emulab/paths.sh ]; then
. /etc/emulab/paths.sh
else
BOOTDIR=/var/emulab/boot
LOGDIR=/var/emulab/logs
fi
mkdir -p $LOGDIR
LOGFILE=$LOGDIR/emulab-networkd-$iface.log
echo "`date`: ${iface}: starting" >>$LOGFILE 2>&1
found=0
while [ ! $found -eq 1 ]; do
# If the control net iface was found, and it's not us, exit.
if [ -e /run/cnet ]; then
echo "`date`: ${iface}: control net is not us" >>$LOGFILE 2>&1
exit 0
fi
#
# The man page promises this will wait for $iface, but it does not.
# Once an interface comes up, it seems to return. Go figure. This
# means we have to check *which* interface came up; this is how we
# determine if it was our interface or not.
#
/lib/systemd/systemd-networkd-wait-online -i "$iface" --timeout 2
if [ $? -eq 0 ]; then
networkctl status "$iface" | grep -qi configured
if [ $? -eq 0 ]; then
echo "`date`: ${iface}: control net is us" >>$LOGFILE 2>&1
mkdir -p /run/emulab
echo "$iface" > /run/cnet
found=1
fi
fi
done
#
# If the control net iface was us, *and* if systemd-networkd tried to
# use the .network files our udev helper generated (we have to be
# careful that user did not override them with static configuration),
# remove the .network files other instances of us created, down those
# ifaces (systemd-networkd leaves them up), and restart
# systemd-networkd, so it properly shows that it is only managing the
# one control net interface. We could kill it off, but may as well
# leave it running; running `networkctl` will bring it right back. It
# is less invasive than networkmanager, so this should be fine.
#
if [ $found -eq 1 ]; then
echo "emulab-networkd[$$]: found $iface as control net"
controlif=`cat /run/cnet`
for file in `ls -1 /run/systemd/network/*.network | grep -v $controlif.network`; do
grep -q "Description=.*Emulab" $file
if [ ! $? -eq 0 ]; then
echo "`date`: ${iface}: $file is not ours; ignoring" >>$LOGFILE 2>&1
continue
fi
ifa=`echo $file | sed -ne 's|^.*/network/\([^\.]*\)\.network$|\1|p'`
rm -f $file
# Check to see if our file was being used to manage this iface,
# or if it got overridden.
networkctl status $ifa | grep -q "Network File: $file"
if [ $? -eq 0 ]; then
ip link set $ifa down
echo "`date`: ${iface}: downed $ifa" >>$LOGFILE 2>&1
else
echo "`date`: ${iface}: our .network for $ifa was overridden; just removing our .network file" >>$LOGFILE 2>&1
fi
done
#
# Restart systemd-networkd so its management status as shown via
# networkctl is correct; we manage the other ifaces.
#
echo "`date`: ${iface}: restarting systemd-networkd" >>$LOGFILE 2>&1
systemctl restart systemd-networkd
# Sadly, this does not get the network-online.target back into the
# alive state, but we try; it was already hit, and restarting
# systemd-networkd inactivates it. But this seems to cause no
# systemic harm.
systemctl restart systemd-networkd-wait-online
fi
#
# Write some metadata in /var/emulab/boot. The
# /run/systemd/netif/leases/<ifindex> file has what we need.
#
mkdir -p $BOOTDIR
ifindex=`cat /sys/class/net/$iface/ifindex`
if [ -e /run/systemd/netif/leases/$ifindex ]; then
echo "`date`: ${iface}: writing cnet metadata in $BOOTDIR" >>$LOGFILE 2>&1
. /run/systemd/netif/leases/$ifindex
elif [ -e /run/systemd/netif/leases/* ]; then
echo "`date`: ${iface}: unexpected leases file with mismatched ifindex; attempting to use anyway to write cnet metadata in $BOOTDIR" >>$LOGFILE 2>&1
. /run/systemd/netif/leases/*
else
echo "`date`: ${iface}: no leases file in /run/systemd/netif/leases; cannot write cnet metadata in $BOOTDIR; failing!" >>$LOGFILE 2>&1
exit 1
fi
# Actually do the metadata file writes.
echo $SERVER_ADDRESS > $BOOTDIR/bossip
echo $HOSTNAME > $BOOTDIR/realname
echo $ROUTER > $BOOTDIR/routerip
echo $ADDRESS > $BOOTDIR/myip
echo $NETMASK > $BOOTDIR/mynetmask
echo $DOMAINNAME > $BOOTDIR/mydomain
echo $iface > $BOOTDIR/controlif
#
# For Xen-based vnodes we record the vnode name where the scripts expect it.
# XXX this works because only Xen-based vnodes DHCP.
#
case "$HOSTNAME" in
pcvm*)
echo $HOSTNAME > $BOOTDIR/vmname
;;
esac
#
# Make sure the hostname is set to something sane.
#
if [ `hostname -s` != "$HOSTNAME" ]; then
hostname $HOSTNAME
fi
#
# Ensure /etc/resolv.conf is set to something sane. We are not using
# systemd-resolved, so all we want is for /etc/resolv.conf to point to
# /run/systemd/resolve/resolv.conf . But if it doesn't, just update it
# in place.
#
if [ -L /etc/resolv.conf \
-a ! -f `readlink -f /etc/resolv.conf` \
-f /run/systemd/resolve/resolv.conf ]; then
echo "`date`: fixing /etc/resolv.conf to point to /run/systemd/resolve/resolv.conf" >>$LOGFILE 2>&1
ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf
elif [ ! -L /etc/resolv.conf ]; then
echo "`date`: updating static /etc/resolv.conf; should be symlink!" >>$LOGFILE 2>&1
rm -f /etc/resolv.conf
echo nameserver $DNS > /etc/resolv.conf
echo search $DOMAINNAME >> /etc/resolv.conf
fi
#
# See if the Testbed configuration software wants to change the hostname.
#
if [ -x $BINDIR/sethostname.dhclient ]; then
$BINDIR/sethostname.dhclient >>$LOGDIR/dhclient.log 2>&1
fi
echo "`date`: ${iface}: done!" >>$LOGFILE 2>&1
exit 0
[Unit]
Description=Emulab systemd-networkd on %I
DefaultDependencies=no
Before=systemd-networkd.service
Wants=systemd-networkd.service
[Service]
Type=simple
ExecStart=/usr/local/etc/emulab/emulab-networkd.sh %i
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:syslog
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:
fax:x:21:
voice:x:22:
cdrom:x:24:
floppy:x:25:
tape:x:26:
sudo:x:27:
audio:x:29:
dip:x:30:
www-data:x:33:
backup:x:34:
operator:x:37:
list:x:38:
irc:x:39:
src:x:40:
gnats:x:41:
shadow:x:42:
utmp:x:43:
video:x:44:
sasl:x:45:
plugdev:x:46:
staff:x:50:
games:x:60:
users:x:100:
nogroup:x:65534:
systemd-journal:x:101:
systemd-network:x:102:
systemd-resolve:x:103:
input:x:104:
crontab:x:105:
syslog:x:106:
messagebus:x:107:
mlocate:x:108:
uuidd:x:109:
ssh:x:110:
lpadmin:x:111:
sambashare:x:112:
ntp:x:113:
ssl-cert:x:114:
_cvsadmin:x:115:
postfix:x:116:
postdrop:x:117:
root:*::
daemon:*::
bin:*::
sys:*::
adm:*::syslog
tty:*::
disk:*::
lp:*::
mail:*::
news:*::
uucp:*::
man:*::
proxy:*::
kmem:*::
dialout:*::
fax:*::
voice:*::
cdrom:*::
floppy:*::
tape:*::
sudo:*::
audio:*::
dip:*::
www-data:*::
backup:*::
operator:*::
list:*::
irc:*::
src:*::
gnats:*::
shadow:*::
utmp:*::
video:*::
sasl:*::
plugdev:*::
staff:*::
games:*::
users:*::
nogroup:*::
systemd-journal:!::
systemd-network:!::
systemd-resolve:!::
input:!::
crontab:!::
syslog:!::
messagebus:!::
mlocate:!::
uuidd:!::
ssh:!::
lpadmin:!::
sambashare:!::
ntp:!::
ssl-cert:!::
_cvsadmin:!::
postfix:!::
postdrop:!::
#
# Hosts Database.
#
127.0.0.1 localhost loghost
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
#
# Generic Emulab NTP client configuration.
#
driftfile /var/lib/ntp/ntp.drift
# disallow most accesses, most importantly 'monlist' queries
# XXX again, not ideal but works with really old ntpds
restrict default nomodify nopeer noquery notrap
restrict 127.0.0.1
server ntp1 iburst
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
systemd-network:x:100:102:systemd Network Management,,,:/run/systemd/netif:/usr/sbin/nologin
systemd-resolve:x:101:103:systemd Resolver,,,:/run/systemd/resolve:/usr/sbin/nologin
syslog:x:102:106::/home/syslog:/usr/sbin/nologin
messagebus:x:103:107::/nonexistent:/usr/sbin/nologin
_apt:x:104:65534::/nonexistent:/usr/sbin/nologin
uuidd:x:105:109::/run/uuidd:/usr/sbin/nologin
sshd:x:106:65534::/run/sshd:/usr/sbin/nologin
ntp:x:107:113::/nonexistent:/usr/sbin/nologin
postfix:x:108:116::/var/spool/postfix:/usr/sbin/nologin
statd:x:109:65534::/var/lib/nfs:/usr/sbin/nologin
# Emulab stuff
#
local5.* -/var/log/emulab.log
& stop